CVE-2016-1602 in Linux Enterprise Desktopinfo

Summary

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig (usually root).

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

01/12/2016

Disclosure

03/23/2017

Moderation

VulDB entry created

Entries

VDB-98388 (1)

CPE

ready

CWE

CWE-94 (Confirmed)

CVSS

7.8

EPSS

0.00113

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-1602
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-1602
CVE Details	https://www.cvedetails.com/cve/CVE-2016-1602/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!